💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › icebook2.txt captured on 2021-12-04 at 18:04:22.

View Raw

More Information

-=-=-=-=-=-=-



                -(Exploring the further regions of experience...)-

      
       ###################################################################
       ##        _____________        __________         __________     ##
       ##       /____    ____/\      /   ______/\       /   ______/\    ##
       ##       \__ /   /\___\/     /   /\_____\/      /   /\_____\/    ##
       ##          /   / /         /   / /            /   /_/___        ##
       ##         /   / /         /   / /            /   ______/\       ##
       ##        /   / /         /   / /            /   /\_____\/       ##
       ##   ____/   /_/__       /   /_/____        /   /_/____          ##
       ##  /____________/\     /__________/\      /__________/\         ##
       ##  \____________\/     \__________\/      \__________\/         ##
       ##                                                               ##
       #######            Headquarters: (416) 934-4055             #######
            ##                                                     ##
            #########################################################
            ##        INNER CIRCLE ELITES (ICE) Presents:          ##
            ##  -- The Guide to Hacking & Phreaking [Issue #2] --  ## 
            ##                  by Liquid Jesus                    ##
            #########################################################


_______CONTENTS___________________________________________________________

PART I.......Introduction
PART II......PHreak PHile Extract (Guidelines by The Mentor - LOD/H)
PART III.....Datapac, PADs, and X.25
PART IV......DNIC Listing
PART V.......NUA Examples (Extracted from PHrack vol.3 issue 27)
PART VI......Questions & Answers
PART VII.....End of Transmission
__________________________________________________________________________


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
            ______   ______    ______   _________       _______
           |  __  | |  __  |  |  ___ \ |___   ___|     |_______|
           | |__| | | |  | |  | |__/ /     | |            | | 
           |   ___| | |__| |  |     /      | |            | | 
           |  |     |  __  |  | |\  \      | |          __|_|__
           |__|     |_|  |_|  |_| \__\     |_|         |_______|

                          -+- Introduction -+-


	First off I want to thank all the people who left me feedback
after the release of the first issue.  It's a hellova lot easier to talk
about things people ask about then by picking stuff out of the blue.  It's
only been a couple of days since I finished the first issue but the great
response has prompted me to get my ass hauling an the second.  This issue
will probably have a *large* Q&A section but I'll try and limit the ones I
answer to the ones being most important.  Most people who leave me
feedback on my BBS will have their questions answered in this guide and
I'll have their name at the beginning of the question.  If you ask me
something and you feel it's just such a dumb question that you don't want
to be labelled as the one who asked it, just tell me and I'll change you
to "anonymous".
 
	Ok, I *was* planning on getting into new aspects of h/ping this
issue (credit card fraud, how an NUAs and X.25 works, details about
specific systems, etc..) but most of the feedback I've recieved so far
has had to do with either 800 services and Datapac.  Another large area of
concern is the risk of getting caught.  Well, I'm not going to lie to
anyone... law enforcement is a LOT tougher on phreaks then on pirates. 
With pirating they figure "Ok, the guy probably wouldn't have bought the
game in the first place anyways so it's not like the company is LOOSING
money because he made a copy for himself".  Also, it's a lot more
widespread.  Hack/Phreaks charge money *directly* to places such as
telephone companies and other pay services.  They can get into the corners
of large systems and read about someones personal data until they find it
time to have some fun and start changing things.  When people start
feeling insecure about their own private belongings, they find it VERY
easy to slam the person who made them feel this way.  You've probably
already heard numerous stories about hackers being caught and charged with
computer crimes.  "Computer hackers crack credit codes", "Israeli hacker
cracks military, credit codes", "Fone Phreaks charge millions in unpaid
bills", etc, etc...  it's no longer just the 95% average "nerd with taped
glasses" doing it.  So how do you manage to stay out of trouble?  Well
that's easy, be cautious.  If you find something new you haven't seen
before, ask an experience hacker if it's safe to use.  Also, keep a low
profile.  So what if you feel great about cracking your first system. 
Keep your discussions to h/p-designated BBS's and don't start blabbing
specifics to people you don't know.  Instead of saying "I just got into
General Motors VAX mainframe" you could limit it to "I just hacked a big
VAX" or something.  Just watch what you say.  

	As for what you CAN use, just about anything that someone else
says.  Someone will tell you if something isn't safe, and if it isn't most
of the time they'll also tell you how to use it without getting in di-hoe.
Generally, everything is safe that is posted to the public (eg: on
Alliance, VMB's, BBS's, chat lines, etc..).  Someone also asked me if ALL
950's were unsafe.  Ok, here's the definition of a 950 from the PHreak's
Glossary:

     950  -  (pronounced nine-five-oh, not nine-fifty)  A  nationwide  access
             exchange in most areas. Many LD companies have  extenders 
             located somewhere on this exchange; however, all services on
             this  exchange  are  considered dangerous due to the fact that
             they ALL have the ability to trace. Most 950 services have 
             crystal clear connections.
  
	All 950's have the number 800-950-xxxx (the prefix is 950 hence
it's name.. duhh).  Not ALL are unsafe but there are more unsafe 950's
then other forms of 800 services.  As I said before, you'll hear if one
isn't safe.

	Another thing, before we get started, someone asked me to name
some things that would be good for beginner hackers to start on.  Things
that are very safe.  Well...

(1) university/colledge computers: most have relatively low external
    security and don't keep logs of unsuccessful entry attempts.  An
    example is the Lincoln County Board of Education VAX at 641-1295
    (2400 baud - use VT100 emulation for best results).  Some other
    examples of local small business systems are:
    641-2973 (1200bps) - O.R. MFAS Complex [run on a VAX/VMS] Very SLOW.
    641-5002 (1200bps) - System 288 ISOETEC Communications Inc.
    687-1655 (2400bps) - Q&O Corporate Division (Quebec and Ontario
                         Paper Company) [use VT-100 emulation]
    687-8788 (1200bps) - Hotel Dieu (send hard break after connect.  This
                         one is very hard to hack... I don't even know the
                         format of the login)
    687-3954 (2400bps) - hit ESCape to get menu of companies

(2) computers connected through networks: as there are a massive amount
    of people connected to a network at any given time it isn't practible
    for the network to run traces on everything.  And, through network
    systems you can usually jump around to other systems.  The closest
    network dialups are for Datapac.  Here's a few:
     357-4695  2400 baud     - ICE also has a list of about 50 or so other
     687-1104  2400 baud       Datapac dialups for both 1200 and 2400 baud.
     687-1115  2400 baud       Just ask!
     688-5640  1200 baud
    ..and remember, after you connect enter two periods and hit return
    (EG: .. <cr> ) and from there you enter the system address (which is
    8 digits long)  For some systems to check out see the first release
    of this article (filename: ICE001.TXT)


 	What to stay away from?  Well.. usually government computers
aren't safe to hack unless you know what you're doing (more on this in a
future issue), as well as systems to SOME big companies.  Like calling
direct to AT&T's mainframe and hacking it for hours on end wouldn't be
something you'd wanna do.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
         ______   ______    ______   _________       ___________
        |  __  | |  __  |  |  ___ \ |___   ___|     |___________|
        | |__| | | |  | |  | |__/ /     | |            | | | |
        |   ___| | |__| |  |     /      | |            | | | |
        |  |     |  __  |  | |\  \      | |          __|_|_|_|__
        |__|     |_|  |_|  |_| \__\     |_|         |___________|

      -+- PHreak PHile Extract: Guidelines by The Mentor - LOD/H -+-


The following was extracted from P/HUN Issue #2 by The Mentor (Legion of
Doom/Legoin of Hackers).  I know I posted my own guidelines in release #1
of this guide but these are a few more you may want to keep in mind:

    As long as there have been computers, there have been hackers.  In the
50's at the Massachusets Institute of Technology (MIT), students devoted
much time and energy to ingenious exploration of the computers.  Rules and
the law were disregarded in their pursuit for the 'hack'.  Just as they
were enthralled with their pursuit of information, so are we.  The thrill
of the hack is not in breaking the law, it's in the pursuit and capture of
knowledge.

I.    Do not intentionally damage *any* system.
II.   Do not alter any system files other than ones needed to ensure your
      escape from detection and your future access (Trojan Horses, Altering
      Logs, and the like are all necessary to your survival for as long as
      possible.)
III.  Do not leave your (or anyone else's) real name, real handle, or real
      phone number on any system that you access illegally.  They *can* and
      will track you down from your handle!
IV.   Be careful who you share information with.  Feds are getting trickier.
      Generally, if you don't know their voice phone number, name, and
      occupation or haven't spoken with them voice on non-info trading
      conversations, be wary.
V.    Do not leave your real phone number to anyone you don't know.  This
      includes logging on boards, no matter how k-rad they seem.  If you
      don't know the sysop, leave a note telling some trustworthy people
      that will validate you.
VI.   Do not hack government computers.  Yes, there are government systems
      that are safe to hack, but they are few and far between.  And the
      government has inifitely more time and resources to track you down than
      a company who has to make a profit and justify expenses.
VII.  Don't use codes unless there is *NO* way around it (you don't have a
      local telenet or tymnet outdial and can't connect to anything 800...)
      You use codes long enough, you will get caught.  Period.
VIII. Don't be afraid to be paranoid.  Remember, you *are* breaking the law.
      It doesn't hurt to store everything encrypted on your hard disk, or
      keep your notes buried in the backyard or in the trunk of your car.
      You may feel a little funny, but you'll feel a lot funnier when you
      when you meet Bruno, your transvestite cellmate who axed his family to
      death.
IX.   Watch what you post on boards.  Most of the really great hackers in the
      country post *nothing* about the system they're currently working
      except in the broadest sense (I'm working on a UNIX, or a COSMOS, or
      something generic.  Not "I'm hacking into General Electric's Voice Mail
      System" or something inane and revealing like that.)
X.    Don't be afraid to ask questions.  That's what more experienced hackers
      are for.  Don't expect *everything* you ask to be answered, though.
      There are some things (LMOS, for instance) that a begining hacker
      shouldn't mess with.  You'll either get caught, or screw it up for
      others, or both.
XI.   Finally, you have to actually hack.  You can hang out on boards all you
      want, and you can read all the text files in the world, but until you
      actually start doing it, you'll never know what it's all about.  There's
      no thrill quite the same as getting into your first system (well, ok,
      I can think of a couple of bigger thrills, but you get the picture.)

   One of the safest places to start your hacking career is on a computer
system belonging to a college.  University computers have notoriously lax
security, and are more used to hackers, as every college computer depart-
ment has one or two, so are less likely to press charges if you should
be detected.  But the odds of them detecting you and having the personel to
committ to tracking you down are slim as long as you aren't destructive.

   If you are already a college student, this is ideal, as you can legally
explore your computer system to your heart's desire, then go out and look
for similar systems that you can penetrate with confidence, as you're already
familar with them.
 
  So if you just want to get your feet wet, call your local college.  Many
of them will provide accounts for local residents at a nominal (under $20)
charge.

   Finally, if you get caught, stay quiet until you get a lawyer.  Don't
volunteer any information, no matter what kind of 'deals' they offer you.
Nothing is binding unless you make the deal through your lawyer, so you
might as well shut up and wait.

- The Mentor: LOD/H




%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
        ______   ______    ______   _________       _______________
       |  __  | |  __  |  |  ___ \ |___   ___|     |_______________|
       | |__| | | |  | |  | |__/ /     | |            | | | | | |
       |   ___| | |__| |  |     /      | |            | | | | | |
       |  |     |  __  |  | |\  \      | |          __|_|_|_|_|_|__
       |__|     |_|  |_|  |_| \__\     |_|         |_______________|   
    
                     -+- Datapac, PADS, and X.25 -+-

	Ok, to start off, Datapac is a network with dialups ONLY in Canada
(a dialup is the number you call to get into the network eg. 687-1115) that
has all sorts of neat little services you can screw around with.  After you
connect you type two periods and hit return ".. <cr>" and that will tell
Datapac you're their.  From here you can enter any valid 8-digit address
to connect to a host systems.  An example is "74600268" (a VAX system).  
There are thousands of systems connected with Datapac all across Canada.  
If you want to get the specifics on Datapac and how it works enter the 
address "9160 0086" (no space in between though...) and it will give you 
menus and texts of all sorts of things.  So what's so special about Dpac?  
Well, most of the systems connected to it allow access to other networks 
around the world via packet assember/disassembers (PADs).  What a PAD does
is group the data into 128 or 256 byte chunks (normally, this can be
changed.  Using smaller packet sizes reduces PAD delay but may also cost
the company more money because some networks charge by the packet... but
hey, whatever makes your journey easier).  The packet is now transmitted
at speeds ranging from 9600bps to 19200bps (or even faster) to another PAD
where it then takes the data and hands it down to whatever computer
system it's connected to.  A PAD allows two computers that have different
baud rates or communication protocals to talk to each other over a long
distance.

	Although the systems connected directly to Datapac are located in 
Canada you can access any system in the world from it via the X.25 network. 
All of the major networks (Telenet, Tymnet, Datapac, ItaPAC, etc..) offer
connections with X.25 as well as many private companies.  (I don't wanna 
confuse anyone here but I might..).  Ok, as I said before, Datapac
connects to host systems by their 8-digit addresses.   Now pretend this 
8 digit number is like a normal 7 digit phone number (eg. 9344055) without
the area code.  To call outside of Datapac (using an X.25 PAD) you must
add the DNIC in front of it.  The DNIC (Data Network Identification Code)
is kind of like an areacode for networks.  It tells Datapac the area of
the world and which network inside it, that you're calling to.  Currently
Datapac connects DIRECTLY to the U.S. packet switching networks (PSN's) of
SprintNet, BT Tymnet, AT&T Accunet, Fedex, Net Express and Western Union. 
Also, through Teleglobe Canada it can connect to more than 100 networks
throughout the world.  So now you know what a NUA is (well... kinda).  A
NUA (Network User Address) has been conformed to X.121 standards (what's
X.121?  It's the standard set by Study Group 7 of the CCITT (International
Telegraph and Telephone Consultative Committee - you don't have to
remember that) that says an NUA takes the form of a 4 to 14 digit number
with the first four digits being the DNIC.  In this manner X.121 ensures
unique addresses for all data terminal equipment in the world.  Another
thing that you don't need to know is X.75 which defines the signalling
system between to PSN's, but can basically be defined as a network to
network interface (makes sure both networks are talking in the same
"language" so to speak).  Ok got all that?  Remember it for the test on
Friday (hohoho 8-)  I'm just tellin yah how things work in case anyone
actually cares.  Quick review:
X.121 - standard of how NUA's are made up
X.75  - network to network interface (the "language")

Sooo... an NUA is like this:
                                          (1) (DNIC) (FOREIGN ADDRESS)
                                           :     :          :
     One defines the Datapac International.:     :          :
     Prefix (tells Dpac yur callin outside       :          :
     of the network)                             :          :
                                                 :          :
     Packet networks are identified by a ........:          :
     four digit number called a DNIC                        :
     (data network identification code)                     :
                                                            :
     The foreign national address is .......................:
     expressed as an eight to ten digit
     address.

Also, as I stated before, when in Dpac you can change the packet size, but
when calling internationally the packet must be 128 characters.  You
cannot change this.  Ok, an example NUA is QSD:

                            1 2080 57040540
                            :  :     :
                            :  :     :
  Identifies international..:  :     :
  call (1)                     :     :...this is the address within
                               :         Transpac - the host system you're
  DNIC: 2080 - identifier for..:         connecting to.
  the network TRANSPAC in 
  France - the network your
  connecting to

Note: every PSN has a DNIC.  Datapac's is "3020" so if you lived in 
      Italy and hooked up to ItaPAC and wanted to call a VAX at 12345678
      connected with Datapac the NUA would be 1302012345678.  Easy eh?

	So what's so great about all this?  Well just think, if there's 
some tiny little company with a little desktop computer in the basement 
of some small building in Japan, you can connect with it if it's hooked 
up to a packet switching network, or even if it's hooked up to a LAN 
(local area network) providing the LAN server is connected with a PSN.
Also, unlike placing a normal phone call with which you can only be
connected to one place per line, X.25 PADs can have multiple lines
(actually, called channels) so sitting on your one line-one modem micro,
you could be connected to five or more mainframes in different countries
around the world simultaneously.

	Well now you know a little bit more about about 45% of the hacker
world (the other 45% is codes - 800 services (eg: PBX's) and the remaining
10% is the anarchy bit which I've never really been interested in.  Most
people are H/P but their's also the H/P/A (hack/phreak/anarchy) dudez who
spend time trying to construct the atomic bomb from household supplies...


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

        ______   ______    ______   _________       ________________
       |  __  | |  __  |  |  ___ \ |___   ___|     |________________|
       | |__| | | |  | |  | |__/ /     | |            | | \ \  / /
       |   ___| | |__| |  |     /      | |            | |  \ \/ /
       |  |     |  __  |  | |\  \      | |          __|_|___\__/____
       |__|     |_|  |_|  |_| \__\     |_|         |________________|
                                                            
                              -+- DNIC List -+-


	Well seeing as how I babbled on so much the last section about
them, I thought it might be worthwhile to include a DNIC listing  because
chances are you'll need it in the future.  Soo, straight from Datapac's 
Information Service....


     DATAPAC INTERNATIONAL IDENTIFICATION CODES (DNIC)

A comprehensive list of the International Packet-Switched networks
which are accessible via the Datapac-Teleglobe gateway is provided
below.  It is current as of 1992 06 09.

COUNTRY               NETWORK          DNIC       DIRECTION
-------               -------          ----       ---------

ANDORA                ANDORPAC         2945       BI-DIR
ANTIGUA               AGANET           3443       INCOMING
ARGENTINA             ARPAC            7220       BI-DIR
                      ARPAC            7222       BI-DIR
AUSTRIA               DATEX-P          2322       BI-DIR
                      DATEX-P TTX      2323       BI-DIR
                      RA               2329       BI-DIR
AUSTRALIA             AUSTPAC          5052       BI-DIR
                      OTC DATA ACCESS  5053       BI-DIR
                      AUSTPAC          5054       BI-DIR
BAHAMAS               BATELCO          3640       BI-DIR
BAHRAIN               BAHNET           4263       BI-DIR
BARBADOS              IDAS             3423       BI-DIR
BELGIUM               DCS              2062       BI-DIR
                      DCS              2068       BI-DIR
                      DCS              2069       BI-DIR
BELIZE                BTLDATAPAVC      7020       BI-DIR
BERMUDA               BERMUDANET       3503       BI-DIR
BRAZIL                INTERDATA        7240       BI-DIR
                      RENPAC           7241       BI-DIR
                      RENPAC           7248       INCOMING
                      RENPAC           7249       INCOMING
BULGARIA              BULPAC           2841       BI-DIR
CAMEROON              CAMPAC           6242       BI-DIR
CAYMAN ISLANDS        IDAS             3463       BI-DIR
CHAD                  CHAD             6222       BI-DIR
CHILE                 ENTEL            7302       BI-DIR
                      CHILE-PAC        7303       INCOMING
                      VTRNET           7305       BI-DIR
                      ENTEL            7300       INCOMING
CHINA                 PTELCOM          4600       BI-DIR
COLOMBIA              COLDAPAQ         7322       BI-DIR
COSTA RICA            RACSAPAC         7120       BI-DIR
                      RACSAPAC         7122       BI-DIR
                      RACSAPAC         7128       BI-DIR
                      RACSAPAC         7129       BI-DIR
CYPRUS                CYTAPAC          2802       BI-DIR
                      CYTAPAC          2807       BI-DIR
                      CYTAPAC          2808       BI-DIR
                      CYTAPAC          2809       BI-DIR
DENMARK               DATAPAK          2382       BI-DIR
                      DATAPAK          2383       BI-DIR
DJIBOUTI              STIPAC           6382       BI-DIR
DOMINICAN REP.        UDTS-I           3701       INCOMING
ESTONIA               ESTONIA          2506       BI-DIR
EGYPT                 ARENTO           6020       BI-DIR
FIJI                  FIJPAC           5420       BI-DIR
FINLAND               DATAPAK          2441       BI-DIR
                      DATAPAK          2442       BI-DIR
                      DATAPAK          9358       BI-DIR
                      DIGIPAK          2443       BI-DIR
FRANCE                TRANSPAC         2080       BI-DIR
                      NTI              2081       BI-DIR
                      TRANSPAC         2089       BI-DIR
                      TRANSPAC         9330       INCOMING
                      TRANSPAC         9331       INCOMING
                      TRANSPAC         9332       INCOMING
                      TRANSPAC         9333       INCOMING
                      TRANSPAC         9334       INCOMING
                      TRANSPAC         9335       INCOMING
                      TRANSPAC         9336       INCOMING
                      TRANSPAC         9337       INCOMING
                      TRANSPAC         9338       INCOMING
                      TRANSPAC         9339       INCOMING
FR ANTILLIES          TRANSPAC         2080       BI-DIR
FR GUIANA             TRANSPAC         2080       BI-DIR
FR POLYNESIA          TOMPAC           5470       BI-DIR
GABON                 GABONPAC         6282       BI-DIR
GERMANY F.R.          DATEX-P          2624       BI-DIR
                      DATEX-C          2627       BI-DIR
GREECE                HELPAK           2022       BI-DIR
                      HELLASPAC        2023       BI-DIR
GREENLAND             KANUPAX          2901       BI-DIR
GUAM                  LSDS-RCA         5350       BI-DIR
                      PACNET           5351       BI-DIR
GUATEMALA             GUATEL           7040       INCOMING
                      MAYAPAC          7042       INCOMING
                      GUATEL           7043       INCOMING
HONDURAS              HONDUTEL         7080       INCOMING
                      HONDUTEL         7082       BI-DIR
                      HONDUTEL         7089       BI-DIR
HONG KONG             INTELPAK         4542       BI-DIR
                      DATAPAK          4545       BI-DIR
                      INET HK          4546       BI-DIR
HUNGARY               DATEX-P          2160       BI-DIR
                      DATEX-P          2161       BI-DIR
ICELAND               ICEPAK           2740       BI-DIR
INDIA                 GPSS             4042       BI-DIR
INDONESIA             SKDP             5101       BI-DIR
IRELAND               EIRPAC           2721       BI-DIR
                      EIRPAC           2724       BI-DIR
ISRAEL                ISRANET          4251       BI-DIR
ITALY                 DARDO            2222       BI-DIR
                      ITAPAC           2227       BI-DIR
IVORY COAST           SYTRANPAC        6122       BI-DIR
JAMAICA               JAMINTEL         3380       INCOMING
JAPAN                 GLOBALNET        4400       BI-DIR
                      DDX              4401       BI-DIR
                      NIS-NET          4406       BI-DIR
                      VENUS-P          4408       BI-DIR
                      VENUS-P          9955       INCOMIMG
                      VENUS-C          4409       BI-DIR
                      VENUS-C          4410       BI-DIR
KENYA                 KENPAC           6390       BI-DIR
KOREA REP             HINET-P          4500       BI-DIR
                      DACOM-NET        4501       BI-DIR
                      DNS              4503       BI-DIR
KUWAIT                BAHNET           4263       BI-DIR
LEBANON               SODETEL          4155       BI-DIR
                      LIBANPAC         4150       BI-DIR
LUXEMBOURG            LUXPAC           2704       BI-DIR
                      LUXPAC           2709       BI-DIR
MACAU                 MACAUPAC         4550       BI-DIR
MADAGASCAR            INFOPAC          6460       BI-DIR
MALAYSIA              MAYPAC           5021       BI-DIR
MAURITIUS             MAURIDATA        6170       BI-DIR
MEXICO                TELEPAC          3340       BI-DIR
MOROCCO               MOROCCO          6040       BI-DIR
MOZAMBIQUE            COMPAC           6435       BI-DIR
NETHERLANDS           DATANET-1        2040       BI-DIR
                      DATANET-1        2041       BI-DIR
                      DABAS            2044       BI-DIR
                      DATANET-1        2049       BI-DIR
N. MARIANAS           PACNET           5351       BI-DIR
NEW CALEDONIA         TOMPAC           5460       BI-DIR
NEW ZEALAND           PACNET           5301       BI-DIR
NIGER                 NIGERPAC         6142       BI-DIR
NORWAY                DATAPAC TTX      2421       BI-DIR
                      DATAPAK          2422       BI-DIR
                      DATAPAC          2423       BI-DIR
PAKISTAN              PSDS             4100       BI-DIR
PANAMA                INTELPAQ         7141       BI-DIR
                      INTELPAQ         7142       BI-DIR
PARAQUAY              ANTELPAC         7447       INCOMING
PERU                  DICOTEL          7160       BI-DIR
PHILIPPINES           CAPWIRE          5150       INCOMING
                      CAPWIRE          5151       BI-DIR
                      PGC              5152       BI-DIR
                      GMCR             5154       BI-DIR
                      ETPI             5156       BI-DIR
PORTUGAL              TELEPAC          2680       BI-DIR
                      SABD             2682       BI-DIR
PUERTO RICO           UDTS             3300       BI-DIR
                      UDTS             3301       BI-DIR
QATAR                 DOHPAC           4271       BI-DIR
REUNION (FR)          TRANSPAC         2080       BI-DIR
RWANDA                RWANDA           6352       BI-DIR
SAN MARINO            X-NET            2922       BI-DIR
SAUDI ARABIA          ALWASEED         4201       BI-DIR
SENEGAL               SENPAC           6081       BI-DIR
SEYCHELLES            INFOLINK         6331       BI-DIR
SINGAPORE             TELEPAC          5252       BI-DIR
                      TELEPAC          5258       BI-DIR
SOLOMON ISLANDS       DATANET          5400       BI-DIR
SOUTH AFRICA          SAPONET          6550       BI-DIR
                      SAPONET          6551       BI-DIR
                      SAPONET          6559       BI-DIR
SRI-LANKA             DATANET          4132       BI-DIR
SPAIN                 TIDA             2141       BI-DIR
                      IBERPAC          2145       BI-DIR
SWEDEN                DATAPAK TTX      2401       BI-DIR
                      DATAPAK-2        2403       BI-DIR
                      DATAPAK-2        2407       BI-DIR
SWITZERLAND           TELEPAC          2284       BI-DIR
                      TELEPAC          2285       BI-DIR
                      TELEPAC          2289       BI-DIR
TAIWAN                PACNET           4872       BI-DIR
                      PACNET           4873       BI-DIR
                      UDAS             4877       BI-DIR
TCHECOSLOVAKA         DATEX-P          2301       BI-DIR
THAILAND              THAIPAC          5200       BI-DIR
                      IDAR             5201       BI-DIR
TONGA                 DATAPAK          5390       BI-DIR
TOGOLESE REP.         TOGOPAC          6152       BI-DIR
TORTOLA               IDAS             3483       INCOMING
TRINIDAD              DATANETT         3745       BI-DIR
                      TEXTET           3740       BI-DIR
TUNISIA               RED25            6050       BI-DIR
TURKEY                TURPAC           2862       BI-DIR
                      TURPAC           2863       BI-DIR
TURKS&CAICOS          IDAS             3763       INCOMING
U ARAB EMIRATES       EMDAN            4241       BI-DIR
                      EMDAN            4243       BI-DIR
                      TEDAS            4310       INCOMING
URUGUAY               URUPAC           7482       BI-DIR
                      URUPAC           7489       BI-DIR
USSR                  IASNET           2502       BI-DIR
U.S. VIRGIN I         UDTS             3320       BI-DIR
U. KINGDOM            IPSS-BTI         2341       BI-DIR
                      PSS-BT           2342       BI-DIR
                      GNS-BT           2343       BI-DIR
                      MERCURY          2350       BI-DIR
                      MERCURY          2351       BI-DIR
                      HULL             2352       BI-DIR
VENEZUELA             VENEXPAQ         7342       BI-DIR
YUGOSLAVIA            YUGOPAC          2201       BI-DIR
ZIMBABWE              ZIMNET           6482       BI-DIR

(As you can see there's a LOT of different networks around the world!)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
        ______   ______    ______   _________     __________
       |  __  | |  __  |  |  ___ \ |___   ___|   |__________|
       | |__| | | |  | |  | |__/ /     | |         \ \  / /
       |   ___| | |__| |  |     /      | |          \ \/ /
       |  |     |  __  |  | |\  \      | |        ___\__/___
       |__|     |_|  |_|  |_| \__\     |_|       |__________|
                                                            
                            -+- NUA Extract -+-


	There are tens of thousands of NUAs around the world so I'm not
going to list them all obviously (the list alone would takes megs of
space).  I'll just take a few from PHrack issue #27 (vol.3) so you can
have a looksee of what's out there.  THESE HAVE NOT BEEN TESTED and they
may be out of service by the time you try them out, but chances are
they'll still be there:

 DNIC 
 \  / 
  \/
 2062 22 101 2      ?          Ministry of economic affairs
 2080 57 040 540               QSD (Chat system)
 2284 621100102                Cigy DEC1091
 2284 6411010       DM         DATAMAIL (RSAG)
 2284 681140592                Princeton University High Energy Physics
                               Group Vax 11/750
 2284 681140593                University of Michigan Physics Vax 11/750
 2284 681140596                N.U. Physics Vax 11/750
 2284 681140597                Harvard University High Energy Physics Lab.
                               Vax 8650
 2342 19200190      INFOLINE   PERGAMON INFOLINE LTD. (NFS)
 2342 19200203      IPSH       SHARP, I. P. ASSOCIATES LTD.
 2342 19200220                 BRITISH LIBRARY ON-LINE SYSTEM
 2342 19200222      BLAISE     British Library Information System
 2342 22236236      UWIST      University of Wales
 2342 22339399      CAMBRID    Cambridge University (Phoenix)
 2342 22530303      SWURCC     South-West Universities
 2342 2253030388    SWURCC     South-West Universities Network
 2342 23519111      AERE       Atomic Energy Research Establishment at
                               Harwell
 2343 07813         EUROINFO   Euronet Diane Information Service
 2442 03008         HELVA      High Energy Physics Vax 11/750
 2442 03017                    U of Technology DEC-20
 2442 31006                    Technical University of Tampere VAX
 2624 5241040149               Aachener + Muenchener Versicherung
 2624 5241090528               rmi-aachen
 2624 5241090832               RMI Datentechnik Aachen
 2624 5243340307               OPTEL (Ruehlemann-Box)
 2624 5246190509               Kfz Juelich
 2624 5271040240               Uni Siegen, FB Physik (VAX 11/750)
 2624 5293140196               Handwerkskammer (HWK) Arnsberg
 2624 530000414                GFC-AG
 2624 5611090322               American Express
 2624 5611090347               American Express
 3106 000323                   TRW Defence & Space Systems Group
 3106 000401                   TMCS Public Network
 3106 000633                   Public TYMNET/TRWNET Interlink
 3106 00157878                 BIX
 3106 001659                   BYTE Information Exchange (GUEST,GUEST)
 3106 001663                   People Link
 3106 001819                   TMCS Public Network
 3106 001828        FRX        Faifax Outdial Host (Tymnet)
 3106 001864                   SUNGARDS Central Computer Facility Network
 3106 002677                   The New York Times
 3106 0057878                  BIX
 3106 00584401                 Washington Post
 3110 21200315                 Outdial 300 bps (Area 212)
 3110 21200316                 Outdial 1200 bps (Area 212)
 3110 21200412                 Outdial 2400 bps (Area 212)
 3110 2120041200               New York City Outdial (Area 212)
 3110 21300029                 TRW Defence & Space Systems Group
 3110 3010002000    NLM        National Library of Medicine
 3110 3010002400               The Source
 3110 500061                   Nuclear Research
 3110 608016630                University of Wisconsin
 3110 609004200                Dow-Jones
 3110 6120002500               Honeywell Inform Services Datanetwork
 3110 6170013700               Masachusetts Institute of Technology
 3110 6170013800               Masachusetts Institute of Technology
 3110 6170013900               Masachusetts Institute of Technology
 3110 6170014000               Masachusetts Institute of Technology
 3110 6170127500               Masachusetts Institute of Technology
 3110 6170139000               Masachusetts Institute of Technology
 3110 6170140300               Masachusetts Institute of Technology
 3110 61703088                 Delphi
 3110 61900050                 California Outdial 1200 bps (Area 619)
 3110 7030002000               Litton Computer Services
 3110 7030002100               American Management Systems
 5052 82620000                 VAX in Sidney, Australia


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

        ______   ______    ______   _________     ________________
       |  __  | |  __  |  |  ___ \ |___   ___|   |________________| 
       | |__| | | |  | |  | |__/ /     | |         \ \  / /  | | 
       |   ___| | |__| |  |     /      | |          \ \/ /   | | 
       |  |     |  __  |  | |\  \      | |        ___\__/____|_|__
       |__|     |_|  |_|  |_| \__\     |_|       |________________|

                           -+- Questions & Answers -+-


        A lot of people think they shouldn't bother asking a question
because it's stupid, or it might make them look like a beginner.  Well
without an answer to your question you'll ALWAYS be a beginner.  I will
answer _any_ question no matter how small it may seem and if I can't give
an answer to it I'll find someone who can.  I've been in the h/p scene for
a couple of years now and there's still LOTS of stuff I have no clue about. 
H/Ping goes into all corners of the computer world and other forms of 
electronics and there's no WAY someone can know everything about all of it.
Most people just stick to one party of h/ping and specialize their.  I've
seen people that know the operating system to VAX/VMS inside out but they
don't have a clue as to how a PBX works.  I also know people who can hack
out VMB's in a minute but have never heard of an outdial.  Don't think
that all hack/phreaks know everything about everything cause they don't.
I've got loads of technical journals at hand so I can look up and give a
detailed answer on almost anything if you want one.  If you want me to
explain somethings step-by-step I'll do that too.  Ask and you shall
recieve.  So you ask "why am I being such a nice guy?"  Well as I said
before, the amount of phreaks in Niagara are VERY few and I want to expand
people's knowledge in the area.  When more people are learning, I won't be
the only one answering questions.  One more thing, not all answers in this 
section will be from me.  In this issue they are but in future issues I'll
be taking extracts from other hack philes and from other BBS's.

        Ok, hours after I released the first ICE H/P Handbook I had
feedback waiting for me on my board.  That's great.  The more the merrier.
If you have a question (L)eave Feedback to me on my BBS: 416-934-4055 (no,
you don't have to be a member to do this... guests can leave feedback as
well).


[QUESTION #1 from Darkwing Duck]:

  Ok, umm, I've read MOST of your H/P book (I'm on line 512 now).  What I'd
like to know is about Datapac.  When I call and look around is this illegal
(stupid question), ok, but can I get caught?
--------------------------------------------------------------------------
        No, it's not a stupid question.  When I first started out the
major thing that worried me and kept me from trying new things was getting
caught.  Datapac is a public service, and if you're just snooping around
not causing any harm, you won't get into trouble.  I have *heard* stories
of some people getting into dung for scanning Datapac, but myself as well
as other members of ICE and other people I know have been scanning Datapac
extensively for a _long_ time and nothing has every happened to me or them. 
Remember, Datapac is a huge network that goes all across Canada and also
accepts calls from overseas.  It has hundreds of dialups over the country.
This allows for thousands of people to be accessing it simultaneously.
Datapac doesn't have the time, money (well, maybe), or manpower to moniter
the doings of every user connected to it.


[QUESTION #2 from Darkwing Duck]:
 
        I'd like to call some LD BBS's (preferably h/p or pirate boards),
using the 800 services, now, can I get caught?  
--------------------------------------------------------------------------
        Most (I'd say about 95%) of the codes you hear being spread around
H/P BBS's, VMB's etc.. are safe to use.  If they're not, the person who
posted it will say so.  There has been problems with some 950 services
doing random traces in the past and some services have even posted fake
FBI warnings (remember, the FBI is an AMERICAN agency... they're not going
to go after people in Canada when they've got enough work to do in their
own country.  And as for the RCMP computer crime unit... they're a little
bit behind the times).  There's so many people using these ways to call LD
for free at the same time that it's impossible to do traces of all of them.
Of course if someone uses this 800 service to call a long distance computer
somewhere else, and goes in and destroys that system, well of course that
will increase the chance of getting caught.  But if you're using them to
call BBS's you're safe.


[QUESTION #3 from Anonymous]:
 
        I'm not quite sure of what the point of using a Datapac is.  Is it
to call networks and not get caught?
--------------------------------------------------------------------------
        Well first, Datapac _is_ a network.  From it you can also connect
to other networks though.  Their are a number of reasons of using it.
For one, most of the systems connected with it have PAD (Packet
Assembler/Disassembler) software, which allows you to call other systems
around the world via their NUA (network user address).  The advantages of
using a PAD to call out from Datapac, is that you get a crystal-clear
connection: no line noise.  PADs allow two remote systems to talk to each
other even though they may be connected at different baud rates or using
different protocals.  Transmissions between PADs in networks zip around at
speeds of 9600-19200 baud (even though you may be calling on a 1200 or 2400
baud modem, the modems in the network are going at light speed) and have 
built in error correcting protocals.  Also, once you connect to Datapac you
have access to other networks: Telenet, Tymnet, ItaPAC, JANET, SBDN, 
PandaNet, THENet, and a whole host of others.  All of which  have thousands
of separate systems connected to them.
 

[QUESTION #4 from Darkwing Duck]:

        When using 800 services, am I SUPPOSED to watch out for 950's and
PBX's?
--------------------------------------------------------------------------
	No.  950's and PBX's are WATS (Wide Area Telecommunications Service)
and this is what people use to call ld for free.  If you hear of a 950 use
it unless you hear otherwise.  Or if you're still unsure, call through a
diverter (a diverter is an 800 service that allows people to call other
800 numbers outside of their calling area).

  
[QUESTION #5 from Darkwing Duck]:

       Using Datapac, I call out to lets say Air Canada (an example from
the handbook).  Now, I connect, then I'm trying to break in (no I KNOW this
is illegal) but what are the chances of me getting caught?
--------------------------------------------------------------------------
	Well I've been into bigger places than Air Canada even after
hacking for hours, and still haven't been caught or warned or anything.
Even though a system might keep track of unsuccessful login attempts, it
won't say where those attempts were made from.  Companies generally won't
start running traces unless they really feel threatened by the possible
intruder.  Systems are hacked on all the time so it wouldn't be practible
for the company to start ordering the phone company to trace every time a
new hacker came along.  So in other words, I wouldn't worry about getting
caught.  But, if by some odd chance someone DID call you or anything, you
just say someone told you it was a private bbs system and you forgot what
the login/password was or something.  Just play dumb.


[QUESTION #6 from The Unit]:

	Can you explain a few more things in a little more detail for me?
Like, in the h/p message sections, they were talking about codes to dial
out ld, what exactically do they mean when they write " +code+#### " stuff
like that (put numbers in for #)
--------------------------------------------------------------------------
	Ok, most of the time when someone posts a long distance service it
will be something like (example):
            1-800-123-4567+09+acn
   or even  8/123-4567+09+acn
If you seem something with 8/ that means it's a 1-800 (we're just too lazy
to type 1-800 I guess)... "09" would be what you enter to get to the other
line that lets you dial out (when calling 800 services you call on one
line to get to it (an INWATS) and then once it answers you have to type in
a code that will switch you to the line that lets dial out (an OUTWATS). 
BTW: a WATS is a "Wide Area Telecommunications Service".  So you'd call up
1-800-123-4567 on you're trusty TOUCHTONE phone (if you've got only a
pulse phone you might as well not even be reading this file) then once you
hear it answer you will usually either hear a recording or it will go
right to another dialtone.  This is where you enter "09" and then it will
either go from the recording to a dialtone or just stay at a dialtone if
it already was.  Now you enter your ACN.  An ACN is Area Code Number (eg:
416-934-4055).  Alot of the time it will say 1+acn because the 1 is
required to call long distance.  It depends on the service.  Also,
whenever you see a code posted and the "+" are in it.. all the plus signs
mean is "wait for something and then enter the next thing".  Sometimes you
may get some huge code like 8/123-4567+1+09+acn+code or something like
that where you're required to call the 800 number, enter a number, wait
for something (either a message to end or a beep, or whatever) then enter
another number or set of numbers, then the areacode number you wanna call,
then a code (which of course was already hacked out by either yourself or
another phreak).
	Other times you'll see something like:  800-123-4567+5dig+acn and
that means the code consists of 5 digits but nothing has been hacked out
yet (so if you've got time work on it).  OR, you're see some that have a
template like (I'll give an example of a 7 digit code): 
                       800-123-4567  536xxxx
which means that someone has found a lot of codes on it with the first
numbers being "536".  A lot of companies put their codes in groups.  MOST
long distance services WILL require a code of a sort which will range
anywhere from 3 digits (easy to hack out) to 9 digits (very hard without a
template).

[QUESTION #7 from Iron Fist]:

	People have explained what a pad is but I'm still not too sure.  I
know you use them in networks but how?
--------------------------------------------------------------------------
	When you're connected to a host system on a network (say a PRIME
system for example), chances are that system will have a packet
assembler/disassembler connected to it.  This isn't a piece of hardware or
something you can see.  It's a program (on Primos computers this program
is called "Netlink", on VAX's you can use the "set host" command) that 
assembles data into packets of 128 or 256 byte chunks.  The program then 
sends it to a 9600-19200 baud modem that is connected with another system.  
From here it goes to the other system, who's pad software disassembles the 
packet.  Say you're connected to a university in England and it displays
the prompt "Hit 'C' to Continue".  You hit "C".  It goes from your
computer, to the packet switching network your connected to (eg: Datapac)
to the host system your connected to, is put into a 128 or 256 byte
packet, is sent through the fone lines via the X.25 network to the other
computer you're connected to.
	Ok, that's great but how do you actually place a call?  Well, when
you're at the PAD prompt (which can be anything eg: "DevelNet X.25:" or
what Netlink uses which is just a "@" symbol) enter either "?" or "help"
to get a list of commands.  Usually the command to call out is "c" but
this can vary according to the program.  The format of the NUA can also
vary.  If I'm calling QSD in France (NUA: 208057040540) from a Prime 
computer the command would be "c 12080:57040540".  The Netlink program 
demands a colon after the DNIC.  But the most common format is c+1+nua.


[QUESTION #8 from Iron Fist]:

	How do I get a list of VMB's or NUA's that are valid (current)?
--------------------------------------------------------------------------
	The best way to get an up to date list of anything is your
favorite hack/phreak BBS.  Or, if you have a VMB that you call, there.  


[QUESTION #9 from Anonymous]:

	What is the best computer to hack with?  I only have a 64 but can
I still do all the same stuff as other people?
--------------------------------------------------------------------------
	Some of the best hacking/scanning programs are for the C-64 and
some of the best h/p BBS's are run on the Commie.  One that used to be
good (haven't called in awhile) is Meltdown in Hamilton/Ontario at
416-648-8175 (12-24oo baud).


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
        ______   ______    ______   _________     ____________________
       |  __  | |  __  |  |  ___ \ |___   ___|   |____________________|
       | |__| | | |  | |  | |__/ /     | |         \ \  / /  | | | |
       |   ___| | |__| |  |     /      | |          \ \/ /   | | | |
       |  |     |  __  |  | |\  \      | |        ___\__/____|_|_|_|__
       |__|     |_|  |_|  |_| \__\     |_|       |____________________|

                        -+- End of Transmission -+-


	Well this one took a little longer than I had wanted (a whole 2
days - but those were 2 days of nonstop writing).  I'm hoping someone else
will write something in the next issue.  I'm going to ask Technazz to do
an article on something but he's a buzy person, so if *anyone* wants to
write in this just tell me.  It can be something that's only a paragraph
if yah want.  Anything.  What I don't have too much knowledge on is other
networks (Tymnet, Telenet, etc..) so if someone wants to do something on
that...

	Ok, well keep the questions comming to me cause it's easier for me
to talk about stuff that way.  Call ICE HQ at [416] 934-4055 and (L)eave
Feedback.  You don't even have to be a registered user to do that so call
call call.  Tell me what you think about these "hackbooks" and what you
wanna see in 'em (or don't wanna see in 'em for that matter).

	What to look for in the next release?  Hmmm... I'm not even sure
yet.  I think I'll release a tech journal compilation with extracts from
PHrack, PHun, and LoD/H.  Maybe type out a few newspaper articles lying
around, who knows.  Oh well, I'll have more of an idea when people leave
me some feedback.  Where can I (and other ICE members) be contacted?

    PSYCHIATRIC CYBERHELL BBS (ICE WHQ): 416-934-4055  [12/2400bps]

	Currently the only H/P supporting BBS in Niagara (and even if
there was another it'd still be the best! ehehhe)..  and here's how I can
be contacted internationally:

...aah the suffering - the sweet suffering... 

Contact Liquid Jesus of ICE/Nightbreed globally:

InterNet/UUCP........ liquid_jesus@pegasus.ch
Canada............... ICE WHQ: (416)934-4055, (416)934-6795
United States........ Town Town BBS (Paradise USA HQ): (414)781-3218
France (direct)...... +33 36431515 (type "THELINE") mailbox name: ICE92
France (via X.25).... 208057040540 (mailbox name: ICE92)
Switzerland.(direct). +41 (0)71 715577 (10 lines) (username: Liquid_Jesus)
Switzerland (X.25)... 228475212574 (Same as above)
Iceland (direct)..... 354-1-78099, 670990
Iceland (X.25)....... 274011991000 (username: AmiPhreak)
Iceland via X.25..... 274011991000


Thanx to...  Mentor(LOD/H), TAP Online, DIS